Mirantis Container Cloud (MCC) becomes part of Mirantis OpenStack for Kubernetes (MOSK)!

Starting with MOSK 25.2, the MOSK documentation set will cover all product layers, including MOSK management (formerly MCC). This means everything you need will be in one place. The separate MCC documentation site will be retired, so please update your bookmarks for continued easy access to the latest content.

Security notes

In total, in the MOSK 23.2.3 release, 331 Common Vulnerabilities and Exposures (CVE) have been fixed: 39 of critical and 292 of high severity.

The full list of the CVEs present in the current MOSK release is available at the Mirantis Security Portal.

Addressed CVEs - summary

Severity

Critical

High

Total

Unique CVEs

1

18

19

Total issues across images

39

292

331

Addressed CVEs - detailed

Image

Component name

CVE

core/external/nginx

libwebp

CVE-2023-4863 (High)

core/frontend

libwebp

CVE-2023-4863 (High)

general/memcached

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

lcm/kubernetes/openstack-cloud-controller-manager-amd64

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

lcm/registry

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

openstack/extra/cloudprober

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

openstack/extra/etcd

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

openstack/extra/nginx-ingress-controller

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

openstack/extra/redis

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

openstack/horizon

Django

CVE-2023-41164 (High)

scale/curl-jq

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

stacklight/alertmanager-webhook-servicenow

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

stacklight/grafana-image-renderer

libwebp

CVE-2023-4863 (High)

stacklight/ironic-prometheus-exporter

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

stacklight/sf-reporter

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

stacklight/tungstenfabric-prometheus-exporter

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)

tungsten/contrail-analytics-alarm-gen

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-analytics-api

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-analytics-collector

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-analytics-query-engine

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-analytics-snmp-collector

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-analytics-snmp-topology

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-controller-config-api

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-controller-config-devicemgr

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-controller-config-schema

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-controller-config-svcmonitor

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-controller-control-control

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-controller-control-dns

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-controller-control-named

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-controller-webui-job

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-controller-webui-web

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-nodemgr

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/contrail-provisioner

kernel-headers

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

CVE-2023-35788 (High)

tungsten/contrail-tools

kernel-headers

CVE-2023-35788 (High)

CVE-2022-1012 (High)

CVE-2023-2163 (High)

CVE-2022-42896 (High)

CVE-2023-3611 (High)

CVE-2023-35001 (High)

CVE-2023-3609 (High)

CVE-2020-8834 (High)

CVE-2021-3715 (High)

CVE-2023-4128 (High)

CVE-2023-32233 (High)

CVE-2022-2639 (High)

CVE-2023-1829 (High)

CVE-2023-3776 (High)

CVE-2018-20976 (High)

CVE-2023-1281 (High)

tungsten/redis

busybox

CVE-2022-48174 (Critical)

busybox-binsh

CVE-2022-48174 (Critical)

ssl_client

CVE-2022-48174 (Critical)